Using Springenwerk is quite easy. This is the usage:
#python springenwerk.py [--output=OUTPUT.HTML] [--useragent=(ie|ff)] [--verbose] [--with-post] [--without-actions] [--checkargs] TARGETURL [TARGETURL2 TARGETURL3...]
These are the options:
-
-o|--output=OUTPUT.HTML
-
Sets the html file that the scan results and exploits should be written to.
If the file doesn't exist, it will be created. If it exists, data will be appended.
Example: python springenwerk.py --output=/home/mbogo/spwkresults.html http://localhost/test.php
-
-u|--useragent=(ie|ff)
-
Sets the http user agent that will be used in the request headers; either Internet Explorer or Firefox.
The default is 'Springenwerk-VERSION'.
-
-v|--verbose
-
Hmmmmm.....
-
-p|--with-post
-
Also checks for vulnerabilities by passing data to the target(s) using the http post method.
-
--without-actions
-
Only checks the target itself, not the urls that have been found in the action attributes of its forms.
-
-a|--checkargs
-
Also checks if the arguments that have been attached to the target url(s) are vulnerable. Example: If the target url is 'http://localhost/test.php?arg1=fred=mbogo', arg1 and arg2 will be checked, too.
Run Springenwerk without any arguments for up to date usage and examples.
